
lsm: add the lsm_prop data structure

When more than one security module is exporting data to audit and
networking sub-systems a single 32 bit integer is no longer
sufficient to represent the data. Add a structure to be used instead.

The lsm_prop structure definition is intended to keep the LSM
specific information private to the individual security modules.
The module specific information is included in a new set of
header files under include/linux/lsm. Each security module is allowed
to define the information included for its use in the lsm_prop.
SELinux includes a u32 secid. Smack includes a pointer into its
global label list. The conditional compilation based on feature
inclusion is contained in the include/linux/lsm files.

Cc: apparmor@lists.ubuntu.com
Cc: bpf@vger.kernel.org
Cc: selinux@vger.kernel.org
Cc: linux-security-module@vger.kernel.org
Suggested-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
Acked-by: John Johansen <john.johansen@canonical.com>
[PM: added include/linux/lsm/ to MAINTAINERS, subj tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>

authored by

Casey Schaufler and committed by
Paul Moore
ed870e35 9852d85e

+87
+1
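--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -20846,6 +20846,7 @@
 B:	mailto:linux-security-module@vger.kernel.org
 P:	https://github.com/LinuxSecurityModule/kernel/blob/main/README.md
 T:	git https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm.git
+F:	include/linux/lsm/
 F:	include/linux/lsm_audit.h
 F:	include/linux/lsm_hook_defs.h
 F:	include/linux/lsm_hooks.h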
+17
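--- /dev/null
+++ b/include/linux/lsm/apparmor.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Linux Security Module interface to other subsystems.
+ * AppArmor presents single pointer to an aa_label structure.
+ */
+#ifndef __LINUX_LSM_APPARMOR_H
+#define __LINUX_LSM_APPARMOR_H
+
+struct aa_label;
+
+struct lsm_prop_apparmor {
+#ifdef CONFIG_SECURITY_APPARMOR
+	struct aa_label *label;
+#endif
+};
+
+#endif /* ! __LINUX_LSM_APPARMOR_H */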
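Review bot: The header comment says AppArmor presents a pointer to an aa_label, but not who keeps that label alive while the pointer sits in an lsm_prop that audit records or networking code may hold on to; the Smack header at least says its pointer goes into a global label list, whereas nothing here says whether `label` is borrowed or carries a reference. Whichever AppArmor's fill and compare hooks actually do (they are not part of this hunk), the rule belongs in the header so consumers do not end up with a dangling pointer. I would extend the comment with something like `* The label pointer is not reference counted by lsm_prop; the owner of the lsm_prop must keep the aa_label alive for as long as the lsm_prop is used.`, adjusted to match the real ownership model.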
+16
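--- /dev/null
+++ b/include/linux/lsm/bpf.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Linux Security Module interface to other subsystems.
+ * BPF may present a single u32 value.
+ */
+#ifndef __LINUX_LSM_BPF_H
+#define __LINUX_LSM_BPF_H
+#include <linux/types.h>
+
+struct lsm_prop_bpf {
+#ifdef CONFIG_BPF_LSM
+	u32 secid;
+#endif
+};
+
+#endif /* ! __LINUX_LSM_BPF_H */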
+16
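--- /dev/null
+++ b/include/linux/lsm/selinux.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Linux Security Module interface to other subsystems.
+ * SELinux presents a single u32 value which is known as a secid.
+ */
+#ifndef __LINUX_LSM_SELINUX_H
+#define __LINUX_LSM_SELINUX_H
+#include <linux/types.h>
+
+struct lsm_prop_selinux {
+#ifdef CONFIG_SECURITY_SELINUX
+	u32 secid;
+#endif
+};
+
+#endif /* ! __LINUX_LSM_SELINUX_H */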
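Review bot: With CONFIG_SECURITY_SELINUX disabled, `struct lsm_prop_selinux` is left with no members at all, which is only valid in the GNU C dialect the kernel builds with and makes the member effectively vanish from `struct lsm_prop` instead of reserving space. That is presumably intended (the same pattern is used in the bpf, smack and apparmor headers), but nothing says so, and anyone later comparing or hashing an lsm_prop bytewise needs to know the layout changes with the config. A one-line comment on the struct would save the next reader a double take: `/* Empty (zero-sized) when SELinux is not built in. */`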
+17
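--- /dev/null
+++ b/include/linux/lsm/smack.h
@@ -0,0 +1,17 @@
+/* SPDX-License-Identifier: GPL-2.0 */
+/*
+ * Linux Security Module interface to other subsystems.
+ * Smack presents a pointer into the global Smack label list.
+ */
+#ifndef __LINUX_LSM_SMACK_H
+#define __LINUX_LSM_SMACK_H
+
+struct smack_known;
+
+struct lsm_prop_smack {
+#ifdef CONFIG_SECURITY_SMACK
+	struct smack_known *skp;
+#endif
+};
+
+#endif /* ! __LINUX_LSM_SMACK_H */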
+20
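--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -34,6 +34,10 @@
 #include <linux/sockptr.h>
 #include <linux/bpf.h>
 #include <uapi/linux/lsm.h>
+#include <linux/lsm/selinux.h>
+#include <linux/lsm/smack.h>
+#include <linux/lsm/apparmor.h>
+#include <linux/lsm/bpf.h>
 
 struct linux_binprm;
 struct cred;
@@ -154,5 +150,21 @@
 	LOCKDOWN_XMON_RW,
 	LOCKDOWN_XFRM_SECRET,
 	LOCKDOWN_CONFIDENTIALITY_MAX,
+};
+
+/* scaffolding */
+struct lsm_prop_scaffold {
+	u32 secid;
+};
+
+/*
+ * Data exported by the security modules
+ */
+struct lsm_prop {
+	struct lsm_prop_selinux selinux;
+	struct lsm_prop_smack smack;
+	struct lsm_prop_apparmor apparmor;
+	struct lsm_prop_bpf bpf;
+	struct lsm_prop_scaffold scaffold;
 };
 
 extern const char *const lockdown_reasons[LOCKDOWN_CONFIDENTIALITY_MAX+1];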
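Review bot: `struct lsm_prop_scaffold` and the `scaffold` member of `struct lsm_prop` arrive with only `/* scaffolding */` as explanation, and neither the header nor the commit message says what goes into `scaffold.secid`, which module it belongs to, or when it is meant to go away. Because the same secid could now be reachable both here and through `selinux.secid` or `bpf.secid`, a consumer that reads or compares the wrong field would silently see a different label, so the rule needs stating where the field is declared. If, as the name suggests, the field is transitional, I would replace the comment with `/* Transitional: the single u32 secid still used by callers not yet converted to the per-module fields above. Do not use in new code; remove once the conversion is complete. */` and add to the `struct lsm_prop` comment that callers are expected to zero-initialise it before handing it to a module. The closing `};` at the top of the second hunk ends `enum lockdown_reason`, which starts outside the hunk.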